MCPcopy
hub / github.com/getsops/sops / DecryptContext

Method DecryptContext

pgp/keysource.go:395–416  ·  view source on GitHub ↗

DecryptContext first attempts to obtain the data key from the EncryptedKey stored in the MasterKey using OpenPGP, before falling back to GnuPG. When both attempts fail, an error is returned.

(ctx context.Context)

Source from the content-addressed store, hash-verified

393// stored in the MasterKey using OpenPGP, before falling back to GnuPG.
394// When both attempts fail, an error is returned.
395func (key *MasterKey) DecryptContext(ctx context.Context) ([]byte, error) {
396 var errs errSet
397
398 if !key.disableOpenPGP {
399 dataKey, openpgpErr := key.decryptWithOpenPGP()
400 if openpgpErr == nil {
401 log.WithField("fingerprint", key.Fingerprint).Info("Decryption succeeded")
402 return dataKey, nil
403 }
404 errs = append(errs, fmt.Errorf("github.com/ProtonMail/go-crypto/openpgp error: %w", openpgpErr))
405 }
406
407 dataKey, binaryErr := key.decryptWithGnuPG(ctx)
408 if binaryErr == nil {
409 log.WithField("fingerprint", key.Fingerprint).Info("Decryption succeeded")
410 return dataKey, nil
411 }
412 errs = append(errs, fmt.Errorf("GnuPG binary error: %w", binaryErr))
413
414 log.WithField("fingerprint", key.Fingerprint).Info("Decryption failed")
415 return nil, fmt.Errorf("could not decrypt data key with PGP key: %w", errs)
416}
417
418// decryptWithOpenPGP attempts to obtain the data key from the EncryptedKey
419// using OpenPGP and returns the result.

Callers 1

DecryptMethod · 0.95

Calls 2

decryptWithOpenPGPMethod · 0.95
decryptWithGnuPGMethod · 0.95

Tested by

no test coverage detected